Commit graph

1076 commits

Author SHA1 Message Date
Andreas Kling
2fb3b6c542 LibJS: Make ConservativeVector<T> visit all possible values
We were miscalculating the length of the buffer in pointer-sized chunks,
which is what the conservative root scan cares about.

This could cause some values to be prematurely garbage-collected.
2024-11-12 17:38:21 +01:00
Luke Wilde
956b279ae1 LibJS: Parse dates like "November 19 2024 00:00:00 +0900"
This format is used on https://jojowiki.com/ to show countdowns to new
releases.
2024-11-12 13:23:34 +01:00
Andreas Kling
6a6618f5ea LibJS: Add RawNonnullGCPtr<T>
This is really just a type alias for NonnullGCPtr<T>, but it provides
a way to have non-owning non-visited NonnullGCPtr<T> without getting
yelled at by the Clang plugin for catching GC errors.
2024-11-11 21:40:56 +01:00
Andreas Kling
e240084437 LibJS: Use correct cell address for HeapFunction captures in GC dumps
We were previously dumping the address of the cell pointer instead of
the address of the cell itself. This was causing mysterious orphans
in GC dumps, and it took me way too long to figure this out.
2024-11-11 21:40:56 +01:00
Luke Wilde
bd4c29322c LibJS: Allow division after IdentifierNames in optional chain
The following syntax is valid:
```js
e?.example / 1.2
```

Previously, the `/` would be treated as a unterminated regex literal,
because it was calling the regular `consume` instead of
`consume_and_allow_division`.

This is what is done when parsing IdentifierNames in
parse_secondary_expression when a period is encountered.

Allows us to parse clients-main-[hash].js on https://ubereats.com/
2024-11-11 20:19:26 +01:00
rmg-x
ea20545853 LibJS: Add support for Float16Array
Implements TC39 stage three proposal for Float16Arrays:
https://tc39.es/proposal-float16array
2024-11-10 14:48:20 -07:00
Andreas Kling
5aa1d7837f LibJS: Don't leak class field initializers
We were storing these in Handle (strong GC roots) hanging off of
ECMAScriptFunctionObject which effectively turned into world leaks.
2024-11-10 19:12:59 +01:00
Shannon Booth
e02ca0480f LibJS: Allow unpaired surrogates in String.prototype.replace
This was resulting in a crash for the WPT test case:

https://wpt.live/xhr/send-data-string-invalid-unicode.any.html
2024-11-10 09:14:03 -05:00
Timothy Flynn
93712b24bf Everywhere: Hoist the Libraries folder to the top-level 2024-11-10 12:50:45 +01:00
Andreas Kling
13d7c09125 Libraries: Move to Userland/Libraries/ 2021-01-12 12:17:46 +01:00
Lenny Maiorani
e6f907a155 AK: Simplify constructors and conversions from nullptr_t
Problem:
- Many constructors are defined as `{}` rather than using the ` =
  default` compiler-provided constructor.
- Some types provide an implicit conversion operator from `nullptr_t`
  instead of requiring the caller to default construct. This violates
  the C++ Core Guidelines suggestion to declare single-argument
  constructors explicit
  (https://isocpp.github.io/CppCoreGuidelines/CppCoreGuidelines#c46-by-default-declare-single-argument-constructors-explicit).

Solution:
- Change default constructors to use the compiler-provided default
  constructor.
- Remove implicit conversion operators from `nullptr_t` and change
  usage to enforce type consistency without conversion.
2021-01-12 09:11:45 +01:00
Linus Groh
f369229770 LibJS: Replace all uses of to_size_t() and remove it :^)
Yay for more spec compliance! This is pretty easy as everything using
to_size_t() should just be using one of the other abstract operations we
already have implemented.
This allows us to get rid of get_length() in ArrayPrototype, which is
basically a slightly incorrect implementation of length_of_array_like(),
and then finally remove to_size_t()!
Also fixes a couple of "argument is undefined" vs "argument isn't given"
issues along the way.
2021-01-10 21:57:03 +01:00
Linus Groh
9be0b664e3 LibJS: Make length_of_array_like() take an Object rather than Value
The pseudo-code from the spec says "Assert: Type(obj) is Object.", so we
can just enforce this at compile time rather than taking it literally
and doing "ASSERT(value.is_object())".

Also fix an issue where the absence of a "length" property on the object
would cause a crash (to_number() on empty value).
2021-01-10 21:57:03 +01:00
Marcin Gasperowicz
b24ce0b5ee LibJS: Implement String.prototype.split
This adds a String.prototype.split implementation modelled after 
ECMA262 specification. 

Additionally, `Value::to_u32` was added as an implementation of
the standard `ToUint32` abstract operation.

There is a tiny kludge for when the separator is an empty string. 
Basic tests and visiting google.com prove that this is working.
2021-01-10 21:27:59 +01:00
asynts
1160817a9e AK: Add Formatter<FormatString> as helper class. 2021-01-09 21:11:09 +01:00
Linus Groh
7b2fdd08ce LibJS: Add tests for bitwise NOT operator 2021-01-09 19:09:02 +01:00
Linus Groh
9fca86109b LibJS: Make bitwise NOT work correctly with NaN and Infinity
This was missing a "toInt32()" which returns 0 for NaN and Infinity.
From the spec:

    6.1.6.1.2 Number::bitwiseNOT ( x )

    The abstract operation Number::bitwiseNOT takes argument x (a Number).
    It performs the following steps when called:

        Let oldValue be ! ToInt32(x).
        Return the result of applying bitwise complement to oldValue.
        The mathematical value of the result is exactly representable as
        a 32-bit two's complement bit string.

Fixes #4868.
2021-01-09 19:09:02 +01:00
Linus Groh
c55cb7843a LibJS: Use INVALID some more in abstract operations 2021-01-09 19:09:02 +01:00
Andreas Kling
7ed89703fe LibCrypto+LibJS: Fix broken subtraction of two negative signed bigints
Found by oss-fuzz: https://bugs.chromium.org/p/oss-fuzz/issues/detail?id=29326
2021-01-07 08:57:37 +01:00
Andreas Kling
51b880b038 LibJS: Disable ASAN during the conservative GC stack scan
This allows the JS fuzzer to survive garbage collection (so we can find
more interesting bugs!)

Found by oss-fuzz: https://bugs.chromium.org/p/oss-fuzz/issues/detail?id=29266
2021-01-05 12:27:45 +01:00
Andreas Kling
fdd974b7ef LibJS: Fix UB downcast during GlobalObject construction
When constructing a GlobalObject, it has to pass itself as the global
object to its own Shape. Since this is done in the Object constructor,
and Object is a base class of GlobalObject, it's not yet valid to cast
"this" to a GlobalObject*.

Fix this by having Shape store the global object as an Object& and move
Shape::global_object() to GlobalObject.h where we can at least perform a
valid static_cast in the getter.

Found by oss-fuzz: https://bugs.chromium.org/p/oss-fuzz/issues/detail?id=29267
2021-01-05 12:02:59 +01:00
Andreas Kling
db790dda62 LibJS: Remove hand-rolled type information in JS AST in favor of RTTI 2021-01-01 19:34:07 +01:00
Andreas Kling
d2613403e0 LibJS+LibWeb: Stop generating is_foo_wrapper() for JS DOM wrappers 2021-01-01 18:06:38 +01:00
Andreas Kling
f48751a739 LibJS: Remove hand-rolled Object is_foo() helpers in favor of RTTI 2021-01-01 17:46:39 +01:00
Andreas Kling
8333055c3d LibJS: Use RTTI for inheritance checks
This replaces the hand-rolled string-based inheritance check tech.
2021-01-01 17:00:20 +01:00
Linus Groh
aa92adeedf LibJS: Fix email in TypedArray{Constructor,Prototype} copyright headers 2021-01-01 15:02:58 +01:00
Luke
0f66589007 Everywhere: Fix more typos 2020-12-31 01:47:41 +01:00
asynts
7e62ffbc6e AK+Format: Remove TypeErasedFormatParams& from format function. 2020-12-30 20:33:53 +01:00
AnotherTest
8ca0e8325a LibJS: Don't save rule start positions along with the parser state
This fixes #4617.
Also fixes the small problem where some save states would be leaked.
2020-12-29 17:39:42 +01:00
Egor Ananyin
1dbd264239 LibJS: Uncomment the tests that pass now 2020-12-29 13:43:16 +01:00
AnotherTest
d0363bca01 LibJS: `save_state()' before creating a RulePosition
Fixes #4617.
2020-12-29 10:51:33 +01:00
AnotherTest
b34b681811 LibJS: Track source positions all the way down to exceptions
This makes exceptions have a trace of source positions too, which could
probably be helpful in making fancier error tracebacks.
2020-12-29 00:58:43 +01:00
Egor Ananyin
f30d4f22ef LibJS: Add tests for new Math functions 2020-12-28 19:03:11 +01:00
Egor Ananyin
7c9c3a10d3 LibJS: Add almost all Math functions 2020-12-28 19:03:11 +01:00
Luke
be30dc2b18 LibJS: Implement Object.prototype.isPrototypeOf
Spec: https://tc39.es/ecma262/#sec-object.prototype.isprototypeof
2020-12-28 13:10:07 +01:00
Xavier Cooney
ca0f3db004 LibJS: Implement Array.prototype.sort() 2020-12-27 23:24:33 +01:00
Andreas Kling
a103eae0d4 LibJS: Run "prettier" on the tests :^) 2020-12-27 23:13:52 +01:00
Stephan Unverwerth
f603128e55 LibJS: Fix old object numeric key test now that toString() is correct 2020-12-27 23:04:09 +01:00
Stephan Unverwerth
d3524f47a0 LibJS: Implement (mostly) spec compliant version of Number.toString() 2020-12-27 23:04:09 +01:00
Stephan Unverwerth
be9c2feff0 LibJS: Fix parsing of numeric object keys
Numeric keys were interpreted as their source text, leading to
something like {0x10:true} to end up as {"0x10":true}
instead of {16:true}
2020-12-27 23:04:09 +01:00
Linus Groh
5122f98198 Base+LibJS+LibWeb: Make prettier clean
Also use "// prettier-ignore" comments where necessary rather than
excluding whole files (via .prettierignore).
2020-12-27 21:25:27 +01:00
Xavier Cooney
1cf92d39eb LibJS: Implement String.prototype.endsWith() 2020-12-26 01:09:04 +01:00
Xavier Cooney
43f948b357 LibJS: Implement IsRegExp abstract operation
This is needed by various String.prototype operations, as well as
the RegExp constructor.
2020-12-26 01:09:04 +01:00
Luke
200c7572b7 LibJS: Implement Object.prototype.propertyIsEnumerable
Spec: https://tc39.es/ecma262/#sec-object.prototype.propertyisenumerable

This is used by core-js, which is used by frameworks such as Vue.
2020-12-24 21:00:28 +01:00
AnotherTest
7c8d35600c Spreadsheet: Override visit_edges() and visit stored JS objects
...and don't let them leak out of their evaluation contexts.
Also keep the exceptions separate from the actual values.
This greatly reduces the number of assertions hit while entering random
data into a sheet.
2020-12-22 23:35:29 +01:00
Lenny Maiorani
765936ebae
Everywhere: Switch from (void) to [[maybe_unused]] (#4473)
Problem:
- `(void)` simply casts the expression to void. This is understood to
  indicate that it is ignored, but this is really a compiler trick to
  get the compiler to not generate a warning.

Solution:
- Use the `[[maybe_unused]]` attribute to indicate the value is unused.

Note:
- Functions taking a `(void)` argument list have also been changed to
  `()` because this is not needed and shows up in the same grep
  command.
2020-12-21 00:09:48 +01:00
Linus Groh
0974991d05 LibJS: Don't treat '?.' followed by decimal digit as QuestionMarkPeriod
From the spec: https://tc39.es/ecma262/#sec-punctuators

    OptionalChainingPunctuator ::
        ?. [lookahead ∉ DecimalDigit]

We were missing the lookahead and therefore incorrectly treating any
'?.' as TokenType::QuestionMarkPeriod.

Fixes #4409.
2020-12-14 22:25:46 +01:00
asynts
2981f10a5e LibWeb: Apply suggested fixes. 2020-12-09 21:05:06 +01:00
Andreas Kling
e99cfd517c LibJS: Add test for Math.asin() 2020-12-08 23:36:19 +01:00
Andreas Kling
48d2545572 LibJS: Get rid of Argument and ArgumentVector
This was used for a feature where you could pass a vector of arguments
to enter_scope(). Since that way of passing arguments was not GC-aware
(as vectors use C++ heap storage), let's avoid using it and make sure
everything that needs to stay alive is either on the stack or in traced
storage instead.
2020-12-08 18:28:18 +01:00